Browse Prior Art Database

A method of user authentication for screen-touched devices Disclosure Number: IPCOM000245968D
Publication Date: 2016-Apr-21
Document File: 4 page(s) / 149K

Publishing Venue

The Prior Art Database


Most screen-touched devices (smart phone, tablet) are using a changeless and fixed-length password to do authentication. This type of password has its limitations, including shoulder-surfing, dictionary attacks etc. This article provides a new method of a random and flexible-length graphical password. It is more secure and easy to use.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 61% of the total text.

Page 01 of 4

A method of user authentication for screen

A method of user authentication for screen-

Most touch display devices (mobile phone etc) are using text/number/gesture password to do user authentication. Each of them has its own limitations. With these changeless and fixed-length password, any user may guess the correct password or accidentally the password can be seen when typing. This new solution can resolve these limitations by generating a random and flexible length password.

Before users begin to use this image authentication, they need to define the following 2 things:

1. The system will let users to determine a pool of images and forms a set of images from the pool as the key images. They can load their own pictures as the key images as well. It is easy for users to remember their key images as passwords.

2. Select a background color as the indicator of inputting key images.

How the authentication works:

When an user wants to login into the system, the authentication mechanism will produce an assortment of decoy images and key images in a grid. The key images are from the pre-defined key image pool. They can be a part or all of them. The decoy images are randomly picked from the image pool.

If the background color of the grid matched the preset color, user will have to select every key image displayed in the grid to get authentication. If not, user will have to select every decoy images to login.

When the system receives the images selected by the user, it wi...